Approvals
Gray’s agents can read freely, but consequential actions — restarts, deletes, config changes, anything destructive — stop at an approval gate before they run.
How a gate looks
Section titled “How a gate looks”The agent’s lane pauses and shows exactly what it wants to run, in the terminal’s own words. The gate is the screen’s single red element — Gray’s design reserves red for the one thing that needs you right now. The feed auto-scrolls to it; a lane that needs you always wins focus.
Your choices
Section titled “Your choices”- Approve — the command runs, the lane continues, the decision is recorded.
- Deny — the agent stops that path and explains what it would have done.
- Some gates offer options (for example which environment to target) — pick one instead of a plain yes/no.
Where approvals are enforced
Section titled “Where approvals are enforced”On the box, not in the app. The agent process is held by the server until the approval arrives over the authenticated session — closing the app does not release a gate, and there is no auto-approve timeout: an unanswered gate simply waits (it closes only if the underlying prompt itself goes away).
The record
Section titled “The record”Every approval and denial lands in Activity with the surrounding transcript, so you can always answer “what did I let it do?” See Approvals & audit.
SSH approvals
Section titled “SSH approvals”Terminal sessions have their own inline gates (for example the first time Gray wants to run a privileged command on a paired host). Same rule: the command is shown verbatim, nothing runs until you say so.